Financial Daily from THE HINDU group of publications
Monday, Feb 07, 2005
eWorld
Features
Stocks
Port Info
Archives

Group Sites

 eWorld - Interview


`Ripples will touch BPO sector'

Moumita Bakshi

The baazee.com developments could have ramifications beyond e-commerce, and touch the BPO sector, feels this cyber law expert.

THE controversy stirred by the arrest of Avnish Bajaj, CEO of Baazee.com, the auction portal, on which the sexually explicit clip was put on sale, has not only generated a great deal of public interest in India and overseas, but has also raised issues relating to the liability of Network Service Providers (including auction sites) that are responsible for hosting third-party data.

Now, as the IT industry awaits the outcome of this case, eWorld sounds out a cyber law expert who feels the ramifications of this case could stretch well beyond the realms of e-commerce.

Advocate Pavan Duggal claims that both the incident, and its outcome, could have far-reaching implications for the Indian business process outsourcing (BPO) industry since these service providers are covered under the definition of Network Service Provider (NSP) in the Information Technology Act 2000.

eWorld caught up with Duggal ahead of his seminar series on BPO law in Bangalore.

What are the legal issues facing the BPO industry?

BPO and IT-enabled services (ITES) are the buzzwords today. A large number of people see them as the platform that would propel India into a super power as also towards the growth of information society.

But one must understand that there are legal issues that need to be understood by various players who operate in the sector.

There is a need to ensure voluntary self-compliance with existing international legal trends relating to outsourcing.

The industry must be in a position to convince the potential client that it has all the necessary means to comply with the legal requirements of the client, and of the jurisdiction in which the client is based.

Thus, the industry needs to adopt standards and procedures that comply with the major laws of the US and Europe.

In addition, the Indian outsourcing industry must comply with the requirements of the Information Technology Act 2000. In this connection, it is important to note that some of the provisions of the IT Act have a bearing on the Indian outsourcing industry as well.

For instance, under Section 79 of the IT Act, BPO companies could fall under the classification of Network Service Providers (NSPs) and therefore these companies are liable for the third-party data or information that they handle.

In your opinion, how is the Baazee.com case significant for the BPO sector?

It is significant as BPO companies can be made liable for all third-party data or information made available by them until they prove exercise of all due diligence. The precedent has been set.

I believe that going forward, we will see BPO companies being made liable for breach of third-party data.

Read with the IT Act, it would mean that for any offence by an employee of a BPO company, the company, as well as its CEO, could be liable.

So the implications of the case will not be limited to e-commerce activities but extend to the BPO sector as well.

According to you, BPO companies fall under the definition of Network Service Providers (NSP) under Section 79 of IT Act. Given this, what issues could BPO companies face going forward?

They could face issues relating to leakage of confidential personal, health, financial or insurance-related data, theft of client's IPR, or misuse of client information by an employee.

Some part of the same is addressed by the IT Act 2000, although the Indian cyber law is not a data-protection law.

Further, the new proposed legislation may take a long time to be legislated and implemented.

Do BPO companies need to take steps to ensure that in case of a breach by an employee, the CEO is not held liable?

There are various steps that BPO companies need to take to prove all due diligence.

The have to ensure compliance with the provisions of the Indian laws, including the Indian Information Technology Act 2000, rules, regulations made thereunder etc.

They need to comply with the requirements of the laws of the target jurisdiction where their clients are located.

With regard to the liability of Network Service Providers (NSPs), are any amendments to the IT Act required?

What is needed is not the lessening of liability but the shifting of the onus of proving guilt upon the law-enforcement agencies rather than NSPs or BPO companies proving their innocence.

I believe that errant companies need to be taken to task. The tenor of language of Section 79 of the IT Act, 2000 needs to be revisited.

I am not advocating the watering down of liability, but the manner of its enforceability in such a way that it is not anti-industry and not detrimental to the cause of the growth of electronic-commerce in the country.

moumita@thehindu.co.in

Article E-Mail :: Comment :: Syndication :: Printer Friendly Page

Stories in this Section
More bandwidth for IT road

Click to rev up
When band talks to hand...
Master those maps
Vying for the catch
You've got yourself a twin!
No wine online?
Slow system
Switching on DMA
Dial C for convergence
`Ripples will touch BPO sector'
Quiz
Computerisation in corrupt places
Cartoon

The Hindu Group: Home | About Us | Copyright | Archives | Contacts | Subscription
Group Sites: The Hindu | Business Line | The Sportstar | Frontline | The Hindu eBooks | The Hindu Images | Home |

Copyright © 2005, The Hindu Business Line. Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu Business Line